{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,16]],"date-time":"2026-04-16T18:59:44Z","timestamp":1776365984547,"version":"3.51.2"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030123291","type":"print"},{"value":"9783030123307","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-12330-7_3","type":"book-chapter","created":{"date-parts":[[2019,5,13]],"date-time":"2019-05-13T22:20:47Z","timestamp":1557786047000},"page":"47-68","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["Advanced Persistent Threats and Zero-Day Exploits in Industrial Internet of Things"],"prefix":"10.1007","author":[{"given":"Ioannis","family":"Stellios","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Panayiotis","family":"Kotzanikolaou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mihalis","family":"Psarakis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,5,14]]},"reference":[{"key":"3_CR1","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1109\/LES.2018.2823906","volume":"10","author":"T Alves","year":"2018","unstructured":"Alves T, Das R, Morris T (2018) Embedding encryption and machine learning intrusion prevention systems on programmable logic controllers. IEEE Embed Syst Lett 10:99\u2013102","journal-title":"IEEE Embed Syst Lett"},{"key":"3_CR2","unstructured":"Andrea M (2015) GE MDS PulseNET hidden support account remote code execution vulnerability. \n                    https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-15-440\/"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Ant\u00f3n SD, Fraunholz D, Lipps C, Pohl F, Zimmermann M, Schotten HD (2017) Two decades of scada exploitation: a brief history. In: 2017 IEEE Conference on Application, Information and Network Security (AINS). IEEE, pp 98\u2013104","DOI":"10.1109\/AINS.2017.8270432"},{"key":"3_CR4","unstructured":"Berger H (2014) Automating with SIMATIC S7-400 inside TIA portal: configuring, programming and testing with STEP 7 Professional. Wiley"},{"key":"3_CR5","unstructured":"Brian G, Fritz Sands TTMZDI Hacker machine interface: the state of scada HMI vulnerabilities. White paper, Trend Micro"},{"key":"3_CR6","first-page":"2011","volume":"15","author":"WJ Broad","year":"2011","unstructured":"Broad WJ, Markoff J, Sanger DE (2011) Israeli test on worm called crucial in Iran nuclear delay. NY Times 15:2011","journal-title":"NY Times"},{"key":"3_CR7","unstructured":"Case DU (2016) Analysis of the cyber attack on the Ukrainian power grid. Electricity Information Sharing and Analysis Center (E-ISAC)"},{"key":"3_CR8","unstructured":"Cerrudo C, Apa L (2017) Hacking robots before Skynet1. IOActive Website"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Chen P, Desmet L, Huygens C (2014) A study on advanced persistent threats. In: IFIP International Conference on Communications and Multimedia Security. Springer, pp 63\u201372","DOI":"10.1007\/978-3-662-44885-4_5"},{"key":"3_CR10","unstructured":"Cherepanov A (2017) Win32\/industroyer: a new threat for industrial control systems. White paper, ESET, June 2017"},{"key":"3_CR11","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1016\/j.ijcip.2017.12.001","volume":"20","author":"T Cherifi","year":"2017","unstructured":"Cherifi T, Hamami L (2017) A practical implementation of unconditional security for the IEC 60780-5-101 scada protocol. Int J Crit Infrastruct Prot 20:68\u201384","journal-title":"Int J Crit Infrastruct Prot"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Clarke GR, Reynders D, Wright E (2004) Practical modern SCADA protocols: DNP3, 60870.5 and related systems. Newnes","DOI":"10.1016\/B978-075065799-0\/50019-X"},{"key":"3_CR13","unstructured":"Cowan C, Wagle F, Pu C, Beattie S, Walpole J (2000) Buffer overflows: attacks and defenses for the vulnerability of the decade. In: DARPA Information Survivability Conference and Exposition, 2000, DISCEX\u201900. Proceedings, vol 2. IEEE, pp 119\u2013129"},{"key":"3_CR14","unstructured":"Devarajan G (2007) Unraveling scada protocols: using sulley fuzzer. In: Defon 15 Hacking Conference"},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Drias Z, Serhrouchni A, Vogel O (2015) Taxonomy of attacks on industrial control protocols. In: 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS). IEEE, pp 1\u20136","DOI":"10.1109\/NOTERE.2015.7293513"},{"key":"3_CR16","unstructured":"Falliere N, Murchu LO, Chien E (2011) W32. stuxnet dossier. White paper, symantec corporation. Secur Response 5(6):29"},{"key":"3_CR17","unstructured":"Formby D, Durbha S, Beyah R (2017) Out of control: ransomware for industrial control systems. \n                    http:\/\/www.cap.gatech.edu\/plcransomware.pdf"},{"key":"3_CR18","unstructured":"Goodin D (2017) Hackers trigger yet another power outage in Ukraine. \n                    https:\/\/arstechnica.com\/security\/2017\/01\/the-new-normal-yet-another-hacker-caused-power-outage-hits-ukraine\/"},{"key":"3_CR19","unstructured":"Gruber E (2014) Verifying ASLR, DEP, and safeSEH with powershell. Blog, NetSPI 23"},{"issue":"5","key":"3_CR20","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1109\/65.953229","volume":"15","author":"JA Gutierrez","year":"2001","unstructured":"Gutierrez JA, Naeve M, Callaway E, Bourgeois M, Mitter V, Heile B (2001) IEEE 802.15. 4: a developing standard for low-power low-cost wireless personal area networks. IEEE Netw 15(5):12\u201319","journal-title":"IEEE Netw"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Hurd CM, McCarty MV (2017) A survey of security tools for the industrial control system environment. Technical report, Idaho National Laboratory, Idaho Falls, ID","DOI":"10.2172\/1376870"},{"key":"3_CR22","unstructured":"Israel B, Ross R (2018) ICS threat broadens: nation-state hackers are no longer the only game in town. \n                    https:\/\/www.cybereason.com\/blog\/industrial-control-system-specialized-hackers"},{"key":"3_CR23","volume-title":"IEC 61131\u20133: programming industrial automation systems: concepts and programming languages, requirements for programming systems, decision-making aids","author":"KH John","year":"2010","unstructured":"John KH, Tiegelkamp M (2010) IEC 61131-3: programming industrial automation systems: concepts and programming languages, requirements for programming systems, decision-making aids. Springer, Heidelberg"},{"key":"3_CR24","unstructured":"Klick J, Lau S, Marzin D, Malchow JO, Roth V (2015) Internet-facing PLCs-a new back orifice. Black Hat USA, pp 22\u201326"},{"issue":"3","key":"3_CR25","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1109\/MSPEC.2013.6471059","volume":"50","author":"D Kushner","year":"2013","unstructured":"Kushner D (2013) The real story of stuxnet. IEEE Spectr 50(3):48\u201353","journal-title":"IEEE Spectr"},{"issue":"4","key":"3_CR26","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/s12599-014-0334-4","volume":"6","author":"H Lasi","year":"2014","unstructured":"Lasi H, Fettke P, Kemper HG, Feld T, Hoffmann M (2014) Industry 4.0. Bus Inf Syst Eng 6(4):239\u2013242","journal-title":"Bus Inf Syst Eng"},{"key":"3_CR27","unstructured":"Lee RM, Assante, MJ, Conway T (2017) CRASHOVERRIDE: analysis of the threat to electric grid operations. Dragos Inc. \n                    https:\/\/dragos.com\/wp-content\/uploads\/CrashOverride-01.pdf"},{"issue":"1","key":"3_CR28","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1109\/37.898793","volume":"21","author":"FL Lian","year":"2001","unstructured":"Lian FL, Moyne JR, Tilbury DM (2001) Performance evaluation of control networks: ethernet, controlnet, and devicenet. IEEE Control Syst 21(1):66\u201383","journal-title":"IEEE Control Syst"},{"issue":"4","key":"3_CR29","doi-asserted-by":"publisher","first-page":"3317","DOI":"10.1109\/TPWRS.2016.2631891","volume":"32","author":"G Liang","year":"2017","unstructured":"Liang G, Weller SR, Zhao J, Luo F, Dong ZY (2017) The 2015 Ukraine blackout: implications for false data injection attacks. IEEE Trans Power Syst 32(4):3317\u20133318","journal-title":"IEEE Trans Power Syst"},{"key":"3_CR30","unstructured":"Maggi F, Quarta D, Pogliani M, Polino M, Zanchettin AM, Zanero S (2017) Rogue robots: testing the limits of an industrial robot\u2019s security. Technical report, Trend Micro, Politecnico di Milano"},{"key":"3_CR31","doi-asserted-by":"publisher","first-page":"473","DOI":"10.1016\/j.ijepes.2014.06.025","volume":"63","author":"RR Mohassel","year":"2014","unstructured":"Mohassel RR, Fung A, Mohammadi F, Raahemifar K (2014) A survey on advanced metering infrastructure. Int J Electr Power Energy Syst 63:473\u2013484","journal-title":"Int J Electr Power Energy Syst"},{"key":"3_CR32","doi-asserted-by":"publisher","DOI":"10.1002\/9781118156117","volume-title":"Smart grid: fundamentals of design and analysis","author":"J Momoh","year":"2012","unstructured":"Momoh J (2012) Smart grid: fundamentals of design and analysis, vol 63. Wiley, Hoboken"},{"key":"3_CR33","doi-asserted-by":"crossref","unstructured":"Mulligan G (2007) The 6LoWPAN architecture. In: Proceedings of the 4th Workshop on Embedded Networked Sensors. ACM, pp 78\u201382","DOI":"10.1145\/1278972.1278992"},{"key":"3_CR34","unstructured":"Nelson N (2016) The impact of dragonfly malware on industrial control systems. SANS Institute, Bethesda"},{"key":"3_CR35","unstructured":"Pagliery J (2015) The inside story of the biggest hack in history. CNN, 5 Aug 2015"},{"key":"3_CR36","volume-title":"Handbook of SCADA\/control systems security","author":"R Radvanovsky","year":"2016","unstructured":"Radvanovsky R, Brodsky J (2016) Handbook of SCADA\/control systems security. CRC Press, Boca Raton"},{"key":"3_CR37","doi-asserted-by":"crossref","unstructured":"Rrushi JL (2017) Defending electrical substations against 0-day malware through decoy I\/O in protective relays. In: Dependable, Autonomic and Secure Computing, 15th International Conference on Pervasive Intelligence & Computing, 3rd International Conference on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC\/PiCom\/DataCom\/CyberSciTech), 2017 IEEE 15th International. IEEE, pp 486\u2013493","DOI":"10.1109\/DASC-PICom-DataCom-CyberSciTec.2017.92"},{"key":"3_CR38","doi-asserted-by":"crossref","unstructured":"Sadeghi AR, Wachsmann C, Waidner M (2015) Security and privacy challenges in industrial Internet of things. In: Proceedings of the 52nd Annual Design Automation Conference. ACM, p 54","DOI":"10.1145\/2744769.2747942"},{"key":"3_CR39","doi-asserted-by":"publisher","first-page":"4323","DOI":"10.1109\/TSG.2017.2655014","volume":"9","author":"N Saxena","year":"2017","unstructured":"Saxena N, Grijalva S (2017) Efficient signature scheme for delivering authentic control commands in the smart grid. IEEE Trans Smart Grid 9:4323\u20134334","journal-title":"IEEE Trans Smart Grid"},{"key":"3_CR40","doi-asserted-by":"crossref","unstructured":"Shacham H, Page M, Pfaff B, Goh EJ, Modadugu N, Boneh D (2004) On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM, pp 298\u2013307","DOI":"10.1145\/1030083.1030124"},{"issue":"22","key":"3_CR41","doi-asserted-by":"publisher","first-page":"14641","DOI":"10.1007\/s11042-015-3050-2","volume":"75","author":"A Shahzad","year":"2016","unstructured":"Shahzad A, Lee M, Lee C, Xiong N, Kim S, Lee YK, Kim K, Woo SM, Jeong G (2016) The protocol design and new approach for scada security enhancement during sensors broadcasting system. Multimed Tools Appl 75(22):14641\u201314668","journal-title":"Multimed Tools Appl"},{"key":"3_CR42","unstructured":"Spenneberg R, Br\u00fcggemann M, Schwartke H (2016) PLC-blaster: a worm living solely in the PLC. Black Hat USA, Singapore"},{"issue":"1","key":"3_CR43","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1109\/TSG.2012.2232318","volume":"4","author":"A Srivastava","year":"2013","unstructured":"Srivastava A, Morris T, Ernster T, Vellaithurai C, Pan S, Adhikari U (2013) Modeling cyber-physical vulnerability of the smart grid with incomplete information. IEEE Trans Smart Grid 4(1):235\u2013244","journal-title":"IEEE Trans Smart Grid"},{"key":"3_CR44","doi-asserted-by":"publisher","first-page":"3453","DOI":"10.1109\/COMST.2018.2855563","volume":"20","author":"I Stellios","year":"2018","unstructured":"Stellios I, Kotzanikolaou P, Psarakis M, Alcaraz C, Lopez J (2018) A survey of IoT-enabled cyberattacks: assessing attack paths to critical infrastructures and services. IEEE Commun Surv Tutorials 20:3453\u20133495","journal-title":"IEEE Commun Surv Tutorials"},{"issue":"6","key":"3_CR45","doi-asserted-by":"publisher","first-page":"1241","DOI":"10.1109\/41.808018","volume":"46","author":"E Tovar","year":"1999","unstructured":"Tovar E, Vasques F (1999) Real-time fieldbus communications using profibus networks. IEEE Trans Ind Electron 46(6):1241\u20131251","journal-title":"IEEE Trans Ind Electron"},{"issue":"20","key":"3_CR46","doi-asserted-by":"publisher","first-page":"7373","DOI":"10.1109\/JSEN.2016.2581491","volume":"16","author":"J Wan","year":"2016","unstructured":"Wan J, Tang S, Shu Z, Li D, Wang S, Imran M, Vasilakos AV (2016) Software-defined industrial Internet of things in the context of industry 4.0. IEEE Sens J 16(20):7373\u20137380","journal-title":"IEEE Sens J"},{"key":"3_CR47","unstructured":"Zeller M (2011) Myth or reality does the aurora vulnerability pose a risk to my generator? In: 2011 64th Annual Conference for Protective Relay Engineers. IEEE, pp 130\u2013136"}],"container-title":["Advanced Sciences and Technologies for Security Applications","Security and Privacy Trends in the Industrial Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-12330-7_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,16]],"date-time":"2019-07-16T05:30:45Z","timestamp":1563255045000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-12330-7_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030123291","9783030123307"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-12330-7_3","relation":{},"ISSN":["1613-5113","2363-9466"],"issn-type":[{"value":"1613-5113","type":"print"},{"value":"2363-9466","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"14 May 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}